Software Composability and Mixed Criticality for Triple Modular Redundant Architectures

Composability and mixed criticality are concepts that promise easier development and certification of safety-critical systems across all industrial domains. In this paper we define the necessary requirements, highlight the issues, and classify fault containment when extending already existing triple modular redundant architectures with these concepts. We evaluate the adaptations and extensions of triplication mechanisms that are needed with respect to the required safety properties. Finally, we suggest novel architectures for serving triplicated modular redundant applications and compare them to the previously presented solutions.
